Jump to content

hstart.exe getting quarantined as HackTool.HiddenStart

chedbe_EMA

By chedbe_EMA
in Malwarebytes Nebula

 Share

Recommended Posts

chedbe_EMA

chedbe_EMA

Posted
Posted

Hello,

I started seeing MBAM alerts today while deploying an application to many computers. Not all computers generated a MBAM alert. The ones that did generate an alert and the hstart.exe was quarantined caused the software installation to fail. Below is an example of the alert. I have also attached a sample of the hstart.exe for your analysis. The software package I'm installing is called Newforma Project Center Client.

1/7/2018 1:31:37 PM       [Computer Name Removed]  [IP Removed]  HackTool.HiddenStart    Quarantined                C:\Users\[UserName Removed]\AppData\Local\Temp\{D5E81AB8-284A-4475-AEA4-A717F51FB273}\hstart.exe

1/7/2018 1:31:37 PM       [Computer Name Removed]  [IP Removed]  HackTool.HiddenStart    Quarantined                C:\Users\[User Name Removed]\AppData\Local\Temp\{0E5865BC-FBF7-460E-A874-D5E62DD5A41A}\hstart.exe

 

Please advise.

Thanks, Chad

hstart.zip

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.